[Rack] Heartbleed SSL Vulnerability
Jonathan Lassoff
jof at thejof.com
Tue Apr 8 14:00:50 UTC 2014
Which tool were you using that was reporting a vulnerability?
On Tue, Apr 8, 2014 at 2:51 PM, Chris Egeland <chris at chrisegeland.com>wrote:
> jof,
>
> Thanks for looking into this. I tried testing with a couple of tools
> online on noisebridge.net, some were reporting that they were vulnerable.
> However, if there is no cause for concern, I will simply attribute the
> tool to being a false positive.
>
> Best of luck with this today.
>
> Chris
>
>
>
> On 4/8/2014 9:42 AM, Jonathan Lassoff wrote:
>
>> I'm super busy patching this for my commercial work, however a cursory
>> testing of the HTTPS service for noisebridge.net shows that it's not
>> vulnerable, nor is STARTTLS on the SMTP endpoint.
>>
>> Are there any TLS services that noisebridge hosts?
>>
>> Cheers,
>> jof
>>
>>
>>
>> On Tue, Apr 8, 2014 at 2:37 PM, Chris Egeland <chris at chrisegeland.com
>> >wrote:
>>
>> Hello,
>>>
>>> As I'm sure you all have heard, the Heartbleed SSL vulnerability was
>>> exposed last night. If you haven't heard about it yet, I urge you to go
>>> to
>>> http://heartbleed.com/ and read about it.
>>>
>>> I'm curious, is anyone working to resolve this on Noisebridge's end?
>>>
>>> Thanks,
>>> Chris Egeland
>>> _______________________________________________
>>> Rack mailing list
>>> Rack at lists.noisebridge.net
>>> https://www.noisebridge.net/mailman/listinfo/rack
>>>
>>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/rack/attachments/20140408/7637126f/attachment-0003.html>
More information about the Rack
mailing list